Earticle

Bluetooth technology has become an integral part of this modern society. Bluetooth is a recently proposed protocol for local wireless communication and has become a de facto standard for short-range ad hoc radio connections. Security concern is one of the most important problems delaying the mass adoption of Bluetooth. Bluetooth communication range is categorized as high, medium and low depending upon power level. High range of Bluetooth communication is up to 91 meter, medium range is up to 9 meter and low range is up to 1 meter. Authentication and Encryption are the key security features that are used in Bluetooth communication. In this paper, we present architecture for authentication security of Bluetooth. The main goal of this paper is to design architecture of security for Bluetooth in real scenarios. In order to find out the major vulnerabilities in modern wireless Bluetooth-enabled devices that has performed successfully for several attacks such as Unauthorized Direct Data Access (UDDA) and Man-in-the-Middle Attack (MITM). This form of authentication presents an interesting modeling challenge. We discuss the implications of this authentication security for typical Bluetooth usage scenarios.

To protect the privacy, sensitive information has to be encrypted before outsourcing to the cloud. Thus the effective data utilization becomes a significant challenge. Searchable encryption scheme has been developed to conduct retrieval over encrypted data. However, these schemes only support exact keyword search. Recent fuzzy search schemes mainly evaluate the similarity of keywords from the structure but the semantic relatedness is not considered. Our work focuses on realizing secure semantic search through query keyword semantic extension. Based on the co-occurrence probability of terms, the semantic relationship library is constructed to record the semantic similarity between keywords. We exploited architecture of two clouds, namely private cloud and public cloud. The search operation is divided into two steps. The first step expands the query keyword upon SRL stored in the private cloud. The second step uses the extended query keywords set to retrieve the index on public cloud. Finally the matched files are returned in order. Detailed security analysis shows that our solution is privacy-preserving and secure. Experimental evaluation demonstrates the efficiency and effectives of the scheme.

It was proposed a secure group ownership transfer protocol for tags in RFID system to transfer the ownership of multiple tags simultaneously. Old owner executes authentication and updates secrets of a group of tags. Afterwards, it sends the secrets updated to new owner in a secure way. New owner also implements authentication and update procedure with tags. The protocol was analyzed by using GNY logic. It provides mutual authentication between tags and owners. It resists replay attack, man-in-the-middle attack and desynchronization attack. It also protects forward security, backward security and user’s location privacy. Our protocol was implemented and simulated. We obtained experimental data including time cost by tag in the procedure of ownership transfer. It infers that our protocol has much less time cost by tag compared with other protocols.

Elliptic Curve Cryptosystem (ECC) is a well-known cryptosystem for securing the communications. The most important operation in ECC is scalar multiplication. The integer representation plays an important role in the performance of this operation. This paper presents and evaluates a novel recoding technique which reduces the average Hamming weight of integers. The Left-to-Right (L2R) scalar multiplication is modified to utilize this new integer representation. Our analysis shows that the computation cost (the number of required point addition/subtraction operation) in the proposed L2R scalar multiplication algorithm is effectively reduced in comparison with other modified L2R binary scalar multiplication algorithms.

Internet of Things (IoT) has attracted attention in various fields where small devices such as sensors and actuators are intended to be connected with each other by using TCP/IP protocols. To build value-added services in such fields, security is one of the most important considerations. The IETF standard group has proposed to use the DTLS protocol to provide security services with constrained devices in lossy networks. However, the protocol cannot cover all constrained devices because of heterogeneous properties. Under the respect, we propose a secure IoT architecture and design a secure service manager (SSM) that is motivated by traditional web service architecture.

So far, the trust data storage and transmission security problems are often neglected by researchers in P2P E-Service system. Burmester’s scheme and Harn’s scheme are two kinds of structured multi-signature schemes. They provided co-signers with different role/position have different management liability and authorization capability. This paper shows some insecurity in these schemes. There are two kinds of attacks on these schemes: (1) the schemes can’t resist the dishonest signer forgery attack by forging his own public key (2) everyone can forge some certain messages which to be sign and cannot detect by the signature verifier. Then a new structured signature scheme with verifying signature parameter and all the signers’ public keys was proposed. In this way, the new scheme can resist attacks as mentioned, and can be applied to the trust data security transmission in P2P E-Service system.

Wireless Body Area Networks (WBANs) has been recognized as one of the promising wireless sensor technologies for improving healthcare service thanks to its capability of seamlessly and continuously exchanging medical information in real time. However, the lack of a clear in-depth defense line in such a new networking paradigm would make it potential users worry about the leakage of their private information, especially to those unauthenticated or even malicious adversaries. In this paper, we present efficient encryption method based on Elliptic Curve Cryptography (ECC) to protect patient’s medical data in WBANs. This method used the symmetric cipher algorithms (i.e., DES, modified Feistel algorithm, etc.) to encrypt or decrypt some sensitive patient’s medical data, and then use ECC to manage the key’s distribution, update and revocation.

E-Healthcare is a term globally used for electronic healthcare, where a variety of services and systems provided include electronic healthcare records, prescriptions, patients’ health records, healthcare information systems, etc. In this modern decade, a rising number of patients have taken e-Healthcare into consideration, as it provides the convenience of services and delivered at lower cost. The popularity and reputation have been increasing due to a wide range of services. From the system administrator’s point of views, protecting privacy of patients and building trust of patients in e-Healthcare are two main issues. In this paper, an effective design of authentication framework that suits the modern e-Healthcare is proposed.

P2P botnet has become a significant threats in security network. In this paper, we propose a new method to detection the P2P botnet through the analysis of the P2P botnet host’s life cycle, use the method of off-line detection to find the suspected botnet hosts, and determine the P2P botnet host through online monitoring method. In this way, the efficiency and the accurate rate of P2P botnet detection have raised then only use one method, and reduce the harm of the P2P botnet.

In this paper, we present a protocol for a ID-based signature scheme using a tamper- resistant module that holds a private key for signing. This is a distributed-signature scheme, and a computation using a private key is executed on the tamper-resistant module (TRM), with the remaining computations performed on a host PC. The scheme is secure against both passive and active adversaries, even those that can corrupt the host PC. The computational complexity on the TRM is reduced to one multiplication, one addition, and one symmetric key decryption, and the transaction data size is small.

While cloud computing provides a convenient and efficient network environment for users to obtain powerful computing resources, it also brings some important security issues about data security and reliable services. One of the major security issues is to deal with malicious attacks. To cope with these attacks in this paper, a collaborative intrusion detection architecture is proposed and the E-CARGO model is used to model this system. According to CIDF (Common Intrusion Detection Frame), the components of the intrusion detection system are defined. Furthermore, we design and clearly describe the behaviors of Agent and their interrelationship. At last, experiments are used to verify our method’s effectiveness.

Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. In this paper describes a risk management approach designed to support the Risk Management Methodology and adapted to design software to be used in concurrent product/process design and development. A conceptual framework for integrating corporate, product and process knowledge that establishes context of projects is described and systematic approach used to identify, assess and mitigate risk at the early stages of project life cycle, thus preventing project failures are covered.

This paper, the factors to consider the dynamic and static local routing strategy of scale-free networks. Don't have access to global information for large network, put forward a kind of combined with the current static topology information of network and node of the traffic flow situation of considering the dynamic factors of routing strategy of local information. Based on scale-free networks in the simulation model, analyses the network congestion in the shift. Through simulation experiments and research, found that there are optimal control parameters, makes the network throughput can reach maximum.

Industrial control systems (ICS) are computer-controlled systems that monitor and control industrial processes that exist in the physical world. ICS monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is stationary, disaster is inevitable. But, many ICSes were not built to withstand security incidents, such as accidental cyber-related incidents, DoS attacks, and malware infiltrations. Vulnerability of ICS information system becomes clear, security evaluation of the system began to be implemented. Security evaluation for ICS information system has been implemented for all areas, it is performed without considering the characteristics of each field. Control to be applied to all areas, all the same, but the importance of the control is different. This paper has offered the reader a correlation analysis approach which will allow them to grade importance their defensive efforts. Once a prioritized list has been created, a risk management approach to addressing system vulnerabilities may occur. Furthermore, this result based on real data of power generation companies.

An identity-based anonymous agent privacy protection scheme is proposed to deal with the problems of privacy information disclosure. In this paper, some analysis about the status quo of the privacy protection research in China and some partitioning of privacy data in e-commerce are given. We further illuminate the whole process of privacy protection by an e-commerce privacy protection scheme based on the identity of the anonymous agent. At last, the simulation results are analyzed. Experimental results show that the novel scheme can ensure the anonymous reliability, integrity and efficiency to realize privacy protection in e-commerce process.

Electronic commerce can help enterprises reducing costs, obtaining greater market and improving relationships between buyers and sellers. At the same time, new risks and threats have also occurred, such as, mutual trust, intellectual property, network attacks and so on. This paper analyzes the threat classification and control measures, and on this basis, a conceptual risk management framework is provided. Enterprises engaged in e-commerce can use the framework to improve their security.

Database plays an important role on both web-based or desktop based academic information system (AIS) in Indonesian higher education institutions (HEI). Nowadays web-based AIS dominates in Indonesian HEI, almost every HEI uses web-based AIS with relational database management system (RDBMS) as database software. Relational database systems such as Oracle, MySQL, MS SQL Server or PostgreSQL are familiarly used as database management system in the AIS. There are many researches on development of AIS in HEI but none of them is discussing database security and integrity. This research will perform the analysis of database security model that could be used in AIS such as table constraints, table relationships and role-based access control (RBAC).

Machine to machine (M2M) technology has emerged as a rapidly developing technology for large-scale networking of devices without dependence on human interaction. The new form of machine interconnectivity integrates with cloud computing infrastructure through the Internet however, M2M communication poses unique security challenges as the Internet grow steadily and rapidly. The large number connected devices enable attackers to compromise the network nodes through automated and self-propagating malwares such as distributed denial of service attacks (DDoS). This paper presents a cooperative architecture for M2M system security to enable M2M nodes to interface with intelligent devices sensing real-world conditions and control physical devices. We also present performance results of our cooperative architecture that shows that our security scheme is capable of reliably handling concurrent events generated by different types of M2M devices to achieve a high degree of security.

Now a considerable challenge to model cyber-physical systems (CPSs) is to represent the cyber and physical level’s interactions. Owing to physical behavior and components appended to cyber systems, researchers meet with the difficulty in the analysis and verification of noninterference information security model in CPSs. A method is proposed with Petri net for solving this problem effectively by composing the complex systems with small systems while achieving the noninterference information flow security property. This paper analyzes the noninterference security property and the sequence composition in cyber-physical systems using the method. This study provides a formal method and foundation for exploring information flow security property and its composition in cyber-physical systems.

This paper provides a series of work on risk management models to identify the assets and risks. The goal of modeling them is to analyze and calculate meaning of the level of security in the cyber world. Analyzing and calculating was done by the quantitative method, so that the investment decision in security tools were expected to be objective, which were based on performance and situational experiences in an organization. Risk management was then associated with the calculation of costs that may occur with the point of view of the financial aspects of ROI/CBA, such as NPV, IRR, and ROI, so it can be measured in the level of security of the organization and can be maintained within a certain period. Our model consisted sixteen formulas that can show the increasing level of security based on the cost.

With the rapid development of the Internet and the broadband, more and more people transit images on the Internet. Given the information security, some important images must be encrypted when transmitted. Image scrambling serves as one of the powerful encrypting tools. This paper proposes an image scrambling algorithm based on grouping calculation. This algorithm divides every byte of the stored image information into three groups, and swaps the position of each group so that the pixels’ positions are scrambled. And then empower the three groups with corresponding values and do linear calculation for new byte values so that the pixels’ color values are scrambled. The empirical results show that this algorithm has a satisfactory scrambling result.

OAuth protocol has been developed of fast and easy-to-use proxy authentication structure over a surge in user demand for mobile cloud. However, OAuth involves some security and privacy problems. So, we propose ADAMS for user user authentication system mobile environments that can support user authentication, service authentication and access control services more convenience and easily. ADAMS simplify the authentication processing procedures to improve the structure of complex authentication of SSL or PKI. We developed a book research system in order to evaluate the safety of the ADAMS environment. It was assessment of ADAMS logicality using ASVO logic. ADAMS experimental results can improve confidentiality, integrity, availability, and non-repudiation services in mobile book research service.

This article introduces an architecture design of a festival management system server. The design incorporates the concept of n-tier architecture and that of ‘thin’ server. The designed architecture was evaluated in view of cyber security, particularly defense-in-depth concept. The evaluation was performed to check if the features of the defense-in-depth concept according to a guideline are applied properly to the architecture. After reflecting the evaluation results, the designed architecture has become adequate for a festival management system when the high security is required for the system.

Cloud computing is a renowned computing method of sharing data resources whether publicly or privately. Cloud computing is an answer for a better computing environment. It will reduce the costs which are used efficiently. Cloud computing can be used not only for business purposes but also for medical purposes which will be used by patients, specialists, pharmacists, nurses, doctors, and hospital administrations. As an implication, security is an important issue for cloud computing. Data privacy protection and data retrieval control are security issues for cloud computing. This Paper describes security elements like monitoring, recording, tracking and notification. For the purpose of encryption-decryption, AES-256/SHA will be used. Re-encryption "tag" and "mark" for data access system will only be functional for every legal user. It suggests that the cloud computing based on encryption and decryption services. Encrypted medical data could be accessed and decrypted from anywhere and whomever with particular authentication. The writer proposed the constructive idea of Healthcare data via cloud computing and the security accessing data by authorized individuals.

Introducing the artificial intelligence learning algorithm to solve the problem of network security is a focus of current research. We introduce the clustering algorithm into artificial intelligence learning algorithm and apply Fuzzy Support Machines to the intrusion detection. We put forward a method which is based on Fuzzy Support Machines. Then, we chose an appropriate RBF kernel function according to the characteristic of intrusion detection. And we get the intrusion detection algorithm based on Fuzzy Support Machines. The algorithm in this paper reduces the training time and improves the efficiency of the algorithm. Experimental results show that this method improves the fuzzy support vector machine training efficiency, and it is also very effective in intrusion detection. The first part of this paper is the introduction of the related problem. The second part is the concept of Fuzzy Support Vector Machine. The third part is the choice of the clustering center. The fourth part is the process of intrusion detection algorithm. The final part is the experiment.

In this work, the features of the Defense-in-Depth (DID) concept of nuclear industry cyber security have been studied to obtain the insights of the DID architecture of server systems. Through the feature analysis, we have found out that there need to be clear system boundaries among all DID levels, systems should be classified by smaller scale, and one-way data flow makes it possible to assign a high cyber security level to a system. Based on the finding, we have suggested a DID architecture for server systems. The architecture is an n-tier and ‘thin’ server architecture which introduces the special features of the nuclear industry DID concept. The suggested architecture is expected to be very useful to improve the cyber security of various kinds of server systems.

As an important way of recovering data from disaster, disaster recovery technology has turned into a key issue of all the industries depend on computer software system. IPA model is used to analysis customers’ satisfaction of disaster recovery outsourcing, the main factors are captured and analyzed. It is helpful to improve service quality, customers’ relationship and customers’ satisfaction.

Power transformer is one of the key equipment for power grid, and its quality has important effects to the security, stability and economic operation of the power grid. The government sampling inspection pass rate of 10kV power transformer is less than 80% in China, which causes serious impact to the product quality and brings serious security risks. It has great significance to study on the risk identification and prevention method. In this paper, the sampling inspection theoretical analysis of power transformer is carried out with the mathematical statistics and probability theory. Its application in the quality risk identification is studied on. The risk prevention effect of the sampling inspection is studied based on game theory. It is used both on the large scale power transformer and distribution transformer. The sampling inspection has the characteristics such as flexibility, randomness, science, and economics. It can be used in large range with flexible way, especially for the difficult test items. Random is the foundation for the scientific sampling inspection. The approach determines that it can reflect the population quality level with small cost, which has obvious economic benefits. In practice, sampling inspection should focus on the key aspects, including the design of sampling inspection plan, the selection of the sampling mode, the cost and the corresponding punishment.

The paper focuses on the research of typhoon disaster and its influence on power system security. A typhoon disaster simulation model is established to track the average impact of a large number of typhoon simulations in Guangdong province in China. The main parameters in the typhoon model includes typhoon frequency, landing position, approach angle, translation velocity, central pressure difference, radius to maximum wind, decay rate, wind field profile, etc. Then the typhoon simulation and power system risk assessment as well as the system loss evaluation are linked together. The results can provide a potential reference for the government policy makers as well as the power system planners and runners for power system risk assessment, planning and operation.